phishing - Security Ticks

Browser Security Under Siege: The Alarming Rise of AI-Powered Phishing

AI, phishing, Uncategorized / SecurityTicks

Browser Security Under Siege: The Alarming Rise of AI-Powered Phishing 2025-03-20 at 19:18 By Kevin Townsend Analysis reveals a 140% increase in browser phishing, including a 130% increase in zero-hour phishing attacks. The post Browser Security Under Siege: The Alarming Rise of AI-Powered Phishing appeared first on SecurityWeek. This article is an excerpt from SecurityWeek […]

React to this headline:

Browser Security Under Siege: The Alarming Rise of AI-Powered Phishing Read More »

Scareware Combined With Phishing in Attacks Targeting macOS Users

Featured, macOS 14.2, phishing, scareware / SecurityTicks

Scareware Combined With Phishing in Attacks Targeting macOS Users 2025-03-19 at 14:11 By Ionut Arghire A long-running campaign phishing for credentials through scareware recently switched to targeting macOS users. The post Scareware Combined With Phishing in Attacks Targeting macOS Users appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Scareware Combined With Phishing in Attacks Targeting macOS Users Read More »

Microsoft 365 Targeted in New Phishing, Account Takeover Attacks

Account Takeover, Microsoft 365, phishing / SecurityTicks

Microsoft 365 Targeted in New Phishing, Account Takeover Attacks 2025-03-17 at 15:02 By Ionut Arghire Threat actors are abusing Microsoft 365 infrastructure in a BEC campaign, and target its users in two brand impersonation campaigns. The post Microsoft 365 Targeted in New Phishing, Account Takeover Attacks appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Microsoft 365 Targeted in New Phishing, Account Takeover Attacks Read More »

GitHub project maintainers targeted with fake security alert

account hijacking, Don't miss, GitHub, Hot stuff, News, OAuth, phishing / SecurityTicks

GitHub project maintainers targeted with fake security alert 2025-03-17 at 12:52 By Zeljka Zorz A phishing campaign targeting GitHub account owners has been trying to scare them with a fake security alert into allowing a malicious OAuth app access to their account and repositories. The fake security alert from GitHub GitHub users have taken to

React to this headline:

GitHub project maintainers targeted with fake security alert Read More »

Microsoft Warns of Hospitality Sector Attacks Involving ClickFix

ClickFix, Malware, phishing / SecurityTicks

Microsoft Warns of Hospitality Sector Attacks Involving ClickFix 2025-03-13 at 17:02 By Eduard Kovacs A cybercrime group named Storm-1865 has targeted hospitality organizations via fake Booking.com emails and the use of social engineering. The post Microsoft Warns of Hospitality Sector Attacks Involving ClickFix appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Microsoft Warns of Hospitality Sector Attacks Involving ClickFix Read More »

2024 phishing trends tell us what to expect in 2025

Don't miss, enterprise, Hot stuff, Kroll, News, phishing, Prodaft, SMBs, social engineering / SecurityTicks

2024 phishing trends tell us what to expect in 2025 2025-02-27 at 14:18 By Zeljka Zorz Phishing has been the method most often employed by cybercriminals to achieve initial access to targeted organizations in 2024, according to risk advisory firm Kroll, which expects this trend to continue in 2025. But attackers have also increasingly been

React to this headline:

2024 phishing trends tell us what to expect in 2025 Read More »

Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand

cybercrime, digital wallet, Don't miss, Hot stuff, Netcraft, News, payment cards, phishing, SecAlliance / SecurityTicks

Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand 2025-02-20 at 13:35 By Zeljka Zorz A new, improved version of Darcula, a cat-themed phishing-as-a-service (PhaaS) platform aimed at serving Chinese-speaking criminals, will be released this month and will allow malicious users to create customized phishing kits to target a wider variety

React to this headline:

Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand Read More »

Russian State Hackers Target Organizations With Device Code Phishing

device code phishing, Microsoft, Nation-State, phishing, Russia, Storm-2372 / SecurityTicks

Russian State Hackers Target Organizations With Device Code Phishing 2025-02-17 at 14:49 By Ionut Arghire Russian hackers have been targeting government, defense, telecoms, and other organizations in a device code phishing campaign. The post Russian State Hackers Target Organizations With Device Code Phishing appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Russian State Hackers Target Organizations With Device Code Phishing Read More »

BTMOB RAT: Newly Discovered Android Malware Spreading via Phishing Sites

infostealer, Malware, phishing / SecurityTicks

BTMOB RAT: Newly Discovered Android Malware Spreading via Phishing Sites 2025-02-13 at 06:19 By rohansinhacyblecom Key Takeaways Overview On January 31, 2025, Cyble Research and Intelligence Labs (CRIL) identified a sample lnat-tv-pro.apk (13341c5171c34d846f6d0859e8c45d8a898eb332da41ab62bcae7519368d2248) being distributed via a phishing site “hxxps://tvipguncelpro[.]com/” impersonating iNat TV – online streaming platform from Turkey posing a serious threat to unsuspecting

React to this headline:

BTMOB RAT: Newly Discovered Android Malware Spreading via Phishing Sites Read More »

Fake DeepSeek Sites Used for Credential Phishing, Crypto Theft, Scams

Cryptocurrency, DeepSeek, phishing / SecurityTicks

Fake DeepSeek Sites Used for Credential Phishing, Crypto Theft, Scams 2025-02-06 at 13:26 By Eduard Kovacs Researchers see dozens of fake DeepSeek websites used for credential phishing, cryptocurrency theft, and scams. The post Fake DeepSeek Sites Used for Credential Phishing, Crypto Theft, Scams appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View

React to this headline:

Fake DeepSeek Sites Used for Credential Phishing, Crypto Theft, Scams Read More »

DeepSeek’s Growing Influence Sparks a Surge in Frauds and Phishing Attacks

Cryptotheft, fraud, phishing / SecurityTicks

DeepSeek’s Growing Influence Sparks a Surge in Frauds and Phishing Attacks 2025-01-30 at 15:20 By rohansinhacyblecom Overview DeepSeek is a Chinese artificial intelligence company that has developed open-source large language models (LLMs). In January 2025, DeepSeek launched its first free chatbot app, “DeepSeek – AI Assistant”, which rapidly became the most downloaded free app on

React to this headline:

DeepSeek’s Growing Influence Sparks a Surge in Frauds and Phishing Attacks Read More »

Europeans targeted with new Tor-using backdoor and infostealers

Cisco, Don't miss, Europe, Hot stuff, Malware, News, phishing / SecurityTicks

Europeans targeted with new Tor-using backdoor and infostealers 2025-01-28 at 15:04 By Zeljka Zorz A financially motivated threat actor has been targeting German and Polish-speaking users with info-stealing malware and TorNet, a previously undocumented .NET backdoor that leverages the Tor network to evade detection. The phishing email The attacker sends out fake money transfer confirmations

React to this headline:

Europeans targeted with new Tor-using backdoor and infostealers Read More »

Malicious actors’ GenAI use has yet to match the hype

Artificial Intelligence, bot, Cyber Threat Alliance, deepfakes, disinformation, Don't miss, Hot stuff, News, phishing, report, scams, social engineering, threat response, tips / SecurityTicks

Malicious actors’ GenAI use has yet to match the hype 2025-01-14 at 17:08 By Zeljka Zorz Generative AI has helped lower the barrier for entry for malicious actors and has made them more efficient, i.e., quicker at creating convincing deepfakes, mounting phishing campaigns and investment scams, the most recent report by the Cyber Threat Alliance

React to this headline:

Malicious actors’ GenAI use has yet to match the hype Read More »

The top target for phishing campaigns

cybercrime, generative AI, Netskope, News, phishing, report, survey / SecurityTicks

The top target for phishing campaigns 2025-01-08 at 06:53 By Help Net Security Despite organizations’ repeated attempts at security awareness training, with a particular emphasis on how employees can avoid being phished, in 2024 enterprise users clicked on phishing lures at a rate nearly three times higher than in 2023, according to Netskope. More than

React to this headline:

The top target for phishing campaigns Read More »

How AI and deepfakes are redefining social engineering threats

Abnormal Security, cybercrime, Egress, Ironscales, LastPass, News, Osterman Research, phishing, report, survey, Zscaler / SecurityTicks

How AI and deepfakes are redefining social engineering threats 2025-01-07 at 06:04 By Help Net Security This article presents key insights from 2024 reports on the rise of phishing attacks, focusing on how advancements in AI and deepfake technology are making social engineering tactics more sophisticated. Cybercriminals exploit file sharing services to advance phishing attacks

React to this headline:

How AI and deepfakes are redefining social engineering threats Read More »

Users receive at least one advanced phishing link every week

cybercrime, email security, News, phishing, report, SlashNext, survey / SecurityTicks

Users receive at least one advanced phishing link every week 2025-01-06 at 06:37 By Help Net Security Phishing remains one of the most significant cyber threats impacting organizations worldwide, according to SlashNext. Credential phishing is raising Credential theft attacks surged dramatically in the second half of 2024 (703%), signaling a sharp escalation in the use

React to this headline:

Users receive at least one advanced phishing link every week Read More »

When risky cybersecurity behavior becomes a habit among employees

cybercrime, human error, Mimecast, News, phishing, report, survey, user behavior / SecurityTicks

When risky cybersecurity behavior becomes a habit among employees 2025-01-02 at 07:37 By Help Net Security While the majority of employees avoid risky behaviors, a small subset makes them a habit, posing a significant cybersecurity challenge, according to Mimecast. 48% of employees engaged in behaviors that exposed their organizations to cyber risk, with browsing violations

React to this headline:

When risky cybersecurity behavior becomes a habit among employees Read More »

iOS devices more exposed to phishing than Android

Android, cybercrime, cybersecurity, iOS, Lookout, mobile security, News, phishing, report, survey / SecurityTicks

iOS devices more exposed to phishing than Android 2024-12-26 at 06:07 By Help Net Security The mobile threat landscape continues to grow at an alarming rate as cybercrime groups shift their tactics and target mobile devices in the early stages of their attacks, according to a recent Lookout report. The report highlights insights behind a

React to this headline:

iOS devices more exposed to phishing than Android Read More »

European companies hit with effective DocuSign-themed phishing emails

account hijacking, Don't miss, Europe, Germany, Hot stuff, Microsoft 365, Microsoft Azure, News, phishing, UK / SecurityTicks

European companies hit with effective DocuSign-themed phishing emails 2024-12-18 at 14:07 By Zeljka Zorz A threat actor looking to take over the Microsoft Azure cloud infrastructure of European companies has successfully compromised accounts of multiple victims in different firms, according to Palo Alto Networks’ Unit 42 researchers. The phishing campaign The attack started earlier this

React to this headline:

European companies hit with effective DocuSign-themed phishing emails Read More »

MUT-1244 targeting security researchers, red teamers, and threat actors

Checkmarx, cryptojacking, data theft, Datadog, Don't miss, GitHub, Hot stuff, News, phishing, WordPress / SecurityTicks

MUT-1244 targeting security researchers, red teamers, and threat actors 2024-12-16 at 17:33 By Zeljka Zorz A threat actor tracked as MUT-1244 by DataDog researchers has been targeting academics, pentesters, red teamers, security researchers, as well as other threat actors, in order to steal AWS access keys, WordPress account credentials and other sensitive data. MUT-1244 has

React to this headline:

MUT-1244 targeting security researchers, red teamers, and threat actors Read More »